This Week in Cybersecurity News
Energy Firms Exposed to Catastrophic Cyber Attack, Warns Ex-NSA Boss by Phil Muncaster, Infosecurity Magazine
There is speculation about the risk of a catastrophic attack on Western critical infrastructure, specifically in the energy industry, for which companies are unprepared. It is reported that Iran-backed operatives have gained access to information that could enable successful attacks on SCADA systems in the future. Historically, these systems have been protected by being cut off from the internet, but a potential for remote access still exists. For now, whitelisting, lockdowns, memory and content scanning, updated technology and personnel training are recommended.
A Bot Exposes Twitter’s Financials – Was the Scraping an Illegal Hack? by David Kravets, Ars Technica
A web-crawling bot discovered Twitter’s financials buried in its investor relations page, allowing the earnings statement to be published online 45 minutes ahead of schedule and causing an 18% drop in shares. Financial-intelligence firm Selerity has come forward as the source that published the information before NASDAQ’s closing bell but claims it did not hack anybody. This is the same company that released Microsoft’s earnings early in 2011 and ADP Research Institute’s in 2014.
Partners HealthCare Reports Data Breach by Jessica Bartlett, Boston Business Journal
Massachusetts’ largest health care system, Partners HealthCare, has suffered a major data breach that includes patient information. So far, it’s been reported that a group of employees from different facilities within the system received phishing emails and provided information in response to the legitimate-seeming emails. Partners HealthCare has confirmed it is notifying 3,300 patients about the incident and encouraging those affected to review the benefits statement they receive from their insurer for accuracy.
Click-Fraud Malware Now Used for Russian Propaganda by Maria Korolov, CSO
Researchers discovered an attack campaign that used the Bedep Trojan to artificially generate traffic to videos with pro-Russia propaganda content on Dailymotion.com. The malware automatically, and without visibility to the user, loaded movies on infected machines to spike view counts, causing at least one to be featured on the front page.
Macro Malware Makes a Comeback with BARTALEX Attack by Ashley Carman, SC Magazine
A surge in spam messages targeting mainly US-based banks and financial institutions has been reported. Attackers are sending phishing emails that claim to be from an electric fund transfer company and contain a document laden with BARTALEX malware that, if its macros are enabled, will drop Dyre banking malware. This particular attack involved more than 1,000 malicious Dropbox links, though all link-sharing abilities have since been shut down at these locations.